[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fWVbWdIuhMiVPCxRX14mFj6gM5pddrBAcBevSoz4R6Ws":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":75,"crawl_stats":38,"alternatives":82,"analysis":184,"fingerprints":730},"google-captcha","reCaptcha by BestWebSoft","1.86","bestwebsoft","https:\u002F\u002Fprofiles.wordpress.org\u002Fbestwebsoft\u002F","\u003Cp>reCaptcha plugin is an effective security solution that protects your WordPress website forms from spam entries while letting real people pass through with ease.  It can be used for login, registration, password recovery, comments, popular contact forms, and other. reCAPTCHA Version 3, Version 2, Invisible are included.\u003C\u002Fp>\n\u003Cp>Users are required to confirm that they are not a robot before the form can be submitted. It’s easy for people and hard for bots.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fdemo-for-google-captcha\u002F?ref=readme\" rel=\"nofollow ugc\">View Demo\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FL2BziEOL3Fg?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>Free Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Add reCaptcha to:\n\u003Cul>\n\u003Cli>Registration form\u003C\u002Fli>\n\u003Cli>Login form\u003C\u002Fli>\n\u003Cli>Reset password form\u003C\u002Fli>\n\u003Cli>Protected post password form\u003C\u002Fli>\n\u003Cli>Comments form\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fcontact-form\u002F?k=56575444122cff9ab3ee3e640efb001a\" rel=\"nofollow ugc\">Contact Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Ftestimonials\u002F\" rel=\"nofollow ugc\">Testimonials\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbws-login-register\" rel=\"ugc\">Login & Register Form\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Custom form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Hide reCaptcha for the allowlisted IP addresses\u003C\u002Fli>\n\u003Cli>Disable the submit button\u003C\u002Fli>\n\u003Cli>Validity check of keys in admin panel\u003C\u002Fli>\n\u003Cli>Available reCaptcha themes for Version 2:\n\u003Cul>\n\u003Cli>Light (default)\u003C\u002Fli>\n\u003Cli>Dark\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Compatible with \u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Flimit-attempts\u002F?k=1b1865c556920231995b35c3ed889415\" rel=\"nofollow ugc\">Limit Attempts\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Hide reCaptcha in your forms for certain user roles\u003C\u002Fli>\n\u003Cli>Hide reCaptcha Badge (Invisible and V3)\u003C\u002Fli>\n\u003Cli>Supports reCaptcha:\n\u003Cul>\n\u003Cli>Version 2\u003C\u002Fli>\n\u003Cli>Version 3\u003C\u002Fli>\n\u003Cli>Invisible reCAPTCHA\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Add custom code via plugin settings page\u003C\u002Fli>\n\u003Cli>Compatible with latest WordPress version\u003C\u002Fli>\n\u003Cli>Incredibly simple settings for fast setup without modifying code\u003C\u002Fli>\n\u003Cli>Detailed step-by-step documentation and videos\u003C\u002Fli>\n\u003Cli>Multilingual and RTL ready\u003C\u002Fli>\n\u003Cli>Edit error message\u003C\u002Fli>\n\u003Cli>Hide Login page\u003C\u002Fli>\n\u003Cli>Force Strong Passwords\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cblockquote>\n\u003Cp>\u003Cstrong>Pro Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>All features from Free version included plus:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Compatible with:\n\u003Cul>\n\u003Cli>Contact Form 7 (since v 3.4)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fsubscriber\u002F?k=e6d1742fcf1806a39afac207f7920cf3\" rel=\"nofollow ugc\">Subscriber\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fmultilanguage\u002F?k=e48e145002e4b2472e568a81d171b888\" rel=\"nofollow ugc\">Multilanguage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Jetpack contact form\u003C\u002Fli>\n\u003Cli>Fast Secure Contact Form\u003C\u002Fli>\n\u003Cli>MailChimp for WordPress\u003C\u002Fli>\n\u003Cli>Ninja Forms\u003C\u002Fli>\n\u003Cli>Gravity Forms\u003C\u002Fli>\n\u003Cli>WPForms\u003C\u002Fli>\n\u003Cli>Caldera Forms\u003C\u002Fli>\n\u003Cli>Elementor Pro Contact Forms\u003C\u002Fli>\n\u003Cli>LearnDash Registration Page\u003C\u002Fli>\n\u003Cli>BuddyBoss\u003C\u002Fli>\n\u003Cli>Formidable Forms\u003C\u002Fli>\n\u003Cli>Forminator Forms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Compatible with WooCommerce:\n\u003Cul>\n\u003Cli>Login form\u003C\u002Fli>\n\u003Cli>Register form\u003C\u002Fli>\n\u003Cli>Lost password form\u003C\u002Fli>\n\u003Cli>Checkout billing form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Compatible with Divi:\n\u003Cul>\n\u003Cli>Divi Builder Contact form\u003C\u002Fli>\n\u003Cli>Divi Builder Login form\u003C\u002Fli>\n\u003Cli>Divi Theme Contact form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Compatible with bbPress:\n\u003Cul>\n\u003Cli>New Topic form\u003C\u002Fli>\n\u003Cli>Reply form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Compatible with BuddyPress:\n\u003Cul>\n\u003Cli>Registration form\u003C\u002Fli>\n\u003Cli>Comments form\u003C\u002Fli>\n\u003Cli>Create a Group form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Compatible with Forums – wpForo:\n\u003Cul>\n\u003Cli>Login form\u003C\u002Fli>\n\u003Cli>Registration form\u003C\u002Fli>\n\u003Cli>New Topic form\u003C\u002Fli>\n\u003Cli>Reply form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Compatible with Ultimate Member:\n\u003Cul>\n\u003Cli>Login form\u003C\u002Fli>\n\u003Cli>Registration form\u003C\u002Fli>\n\u003Cli>Profile form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Compatible with BWS Login Register Form:\n\u003Cul>\n\u003Cli>Login form\u003C\u002Fli>\n\u003Cli>Registration form\u003C\u002Fli>\n\u003Cli>Forgot Password form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Compatible with Easy Digital Downloads Form:\n\u003Cul>\n\u003Cli>Login form\u003C\u002Fli>\n\u003Cli>Registration form\u003C\u002Fli>\n\u003Cli>Forgot Password form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Select reCaptcha language manually\u003C\u002Fli>\n\u003Cli>Activate reCaptcha on certain Weekdays and Hours\u003C\u002Fli>\n\u003Cli>Change size: normal or compact (for version 2)\u003C\u002Fli>\n\u003Cli>Configure all subsites on the network\u003C\u002Fli>\n\u003Cli>Block disposable emails\u003C\u002Fli>\n\u003Cli>Administrator Login notification\u003C\u002Fli>\n\u003Cli>Get answer to your support question within one business day (\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fsupport-policy\u002F\" rel=\"nofollow ugc\">Support Policy\u003C\u002Fa>)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fgoogle-captcha\u002F?k=c4f2e3054fdbaca8a2b61554cbb9638c\" rel=\"nofollow ugc\">Upgrade to Pro Now\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>If you have a feature suggestion or idea you’d like to see in the plugin, we’d love to hear about it! \u003Ca href=\"https:\u002F\u002Fsupport.bestwebsoft.com\u002Fhc\u002Fen-us\u002Frequests\u002Fnew\" rel=\"nofollow ugc\">Suggest a Feature\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Documentation & Videos\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fdocumentation\u002Frecaptcha\u002Frecaptcha-user-guide\u002F\" rel=\"nofollow ugc\">[Doc] User Guide\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fdocumentation\u002Fhow-to-install-a-wordpress-product\u002Fhow-to-install-a-wordpress-plugin\u002F\" rel=\"nofollow ugc\">[Doc] Installation\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fdocumentation\u002Fhow-to-purchase-a-wordpress-plugin\u002Fhow-to-purchase-wordpress-plugin-from-bestwebsoft\u002F\" rel=\"nofollow ugc\">[Doc] Purchase\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.youtube.com\u002Fwatch?v=RUJ9VwZLFSY\" rel=\"nofollow ugc\">[Video] Installation Instruction\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=X-ccRdEFcM0\" rel=\"nofollow ugc\">[Video] Purchase, Installation & Configuration\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=ZFv6txtic0Y\" rel=\"nofollow ugc\">[Video] User Guide\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Help & Support\u003C\u002Fh4>\n\u003Cp>Visit our Help Center if you have any questions, our friendly Support Team is happy to help – \u003Ca href=\"https:\u002F\u002Fsupport.bestwebsoft.com\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fsupport.bestwebsoft.com\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Affiliate Program\u003C\u002Fh4>\n\u003Cp>Earn 20% commission by selling the premium WordPress plugins and themes by BestWebSoft – \u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Faffiliate\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fbestwebsoft.com\u002Faffiliate\u002F\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Translation\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Czech (cs_CZ) (thanks to \u003Ca href=\"mailto:kucerami@gmail.com\" rel=\"nofollow ugc\">Michal Kučera\u003C\u002Fa>, www.n0lim.it, \u003Ca href=\"mailto:info@pamadessoft.cz\" rel=\"nofollow ugc\">PaMaDeSSoft\u003C\u002Fa>, www.pamadessoft.cz)\u003C\u002Fli>\n\u003Cli>French (fr_FR)\u003C\u002Fli>\n\u003Cli>German (de_DE)\u003C\u002Fli>\n\u003Cli>Japanese (ja)\u003C\u002Fli>\n\u003Cli>Italian (it_IT)\u003C\u002Fli>\n\u003Cli>Portuguese (pt_BR)\u003C\u002Fli>\n\u003Cli>Romanian (ro_RO)\u003C\u002Fli>\n\u003Cli>Russian (ru_RU)\u003C\u002Fli>\n\u003Cli>Spanish (es_ES)\u003C\u002Fli>\n\u003Cli>Turkish (tr_TR) (thanks to \u003Ca href=\"mailto:admin@lordiz.com\" rel=\"nofollow ugc\">Lordiz\u003C\u002Fa>, www.lordiz.com)\u003C\u002Fli>\n\u003Cli>Ukrainian (uk)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Some of these translations are not complete. We are constantly adding new features which should be translated. If you would like to create your own language pack or update the existing one, you can send \u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FTranslating_WordPress\" rel=\"nofollow ugc\">the text of PO and MO files\u003C\u002Fa> to \u003Ca href=\"https:\u002F\u002Fsupport.bestwebsoft.com\u002Fhc\u002Fen-us\u002Frequests\u002Fnew\" rel=\"nofollow ugc\">BestWebSoft\u003C\u002Fa> and we’ll add it to the plugin. You can download the latest version of the program for work with PO and MO \u003Ca href=\"http:\u002F\u002Fwww.poedit.net\u002Fdownload.php\" rel=\"nofollow ugc\">files Poedit\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Recommended Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fupdater\u002F?k=f47f3eb3d739725d592249dbd129f7ff\" rel=\"nofollow ugc\">Updater\u003C\u002Fa> – Automatically check and update WordPress website core with all installed plugins and themes to the latest versions.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fcontact-form\u002F?k=56575444122cff9ab3ee3e640efb001a\" rel=\"nofollow ugc\">Contact Form\u003C\u002Fa> – Simple contact form plugin any WordPress website must have.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fsubscriber\u002F?k=e6d1742fcf1806a39afac207f7920cf3\" rel=\"nofollow ugc\">Subscriber\u003C\u002Fa> – Add email newsletter sign up form to WordPress posts, pages and widgets. Collect data and subscribe your users.\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fmultilanguage\u002F?k=e48e145002e4b2472e568a81d171b888\" rel=\"nofollow ugc\">Multilanguage\u003C\u002Fa> – Translate WordPress website content to other languages manually. Create multilingual pages, posts, widgets, menus, etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Credits\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>lib\u002Frecaptchalib.php – Copyright © 2007. Mike Crawford, Ben Maurer (reCAPTCHA – \u003Ca href=\"http:\u002F\u002Frecaptcha.net\" rel=\"nofollow ugc\">http:\u002F\u002Frecaptcha.net\u003C\u002Fa>). All Rights Reserved.\u003C\u002Fli>\n\u003Cli>The plugin uses Google Recaptcha (Google LLC) services to process data and protect against spam. \u003Ca href=\"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002F\u003C\u002Fa> Terms of service \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fterms\" rel=\"nofollow ugc\">https:\u002F\u002Fpolicies.google.com\u002Fterms\u003C\u002Fa>. Privacy Policy \u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fprivacy\" rel=\"nofollow ugc\">https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>This plugin incorporates a license verification mechanism to ensure the authenticity of your license key and provide access to premium features and updates. The verification process involves connecting securely to our external service hosted at BestWebSoft website \u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\" rel=\"nofollow ugc\">https:\u002F\u002Fbestwebsoft.com\u003C\u002Fa>. Privacy Policy \u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fprivacy-policy\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fbestwebsoft.com\u002Fprivacy-policy\u002F\u003C\u002Fa>. End user license agreement \u003Ca href=\"https:\u002F\u002Fbestwebsoft.com\u002Fend-user-license-agreement\u002F\" rel=\"nofollow ugc\">https:\u002F\u002Fbestwebsoft.com\u002Fend-user-license-agreement\u002F\u003C\u002Fa>.\u003C\u002Fli>\n\u003C\u002Ful>\n","Protect WordPress website forms from spam entries with Google reCAPTCHA.",100000,6607298,78,390,"2026-02-25T08:45:00.000Z","6.9.4","6.5","",[20,21,22,23,24],"anti-spam-security","antispam","captcha","captha","recaptcha","https:\u002F\u002Fbestwebsoft.com\u002Fproducts\u002Fwordpress\u002Fplugins\u002Fgoogle-captcha\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgoogle-captcha.1.86.zip",98,3,0,"2025-01-03 00:00:00","2026-03-15T15:16:48.613Z",[33,49,64],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":48},"CVE-2025-24628","recaptcha-by-bestwebsoft-captcha-bypass-2","reCaptcha by BestWebSoft \u003C= 1.78 - CAPTCHA Bypass","The reCaptcha by BestWebSoft plugin for WordPress is vulnerable to CAPTCHA Bypass in all versions up to, and including, 1.78. This makes it possible for unauthenticated attackers to bypass CAPTCHA.",null,"\u003C=1.78","1.79","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Guessable CAPTCHA","2025-02-20 15:55:28",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Feee2d5e8-a027-486b-93d8-9fe1501f9ed2?source=api-prod",49,{"id":50,"url_slug":51,"title":52,"description":53,"plugin_slug":4,"theme_slug":38,"affected_versions":54,"patched_in_version":55,"severity":41,"cvss_score":56,"cvss_vector":57,"vuln_type":58,"published_date":59,"updated_date":60,"references":61,"days_to_patch":63},"WF-169f2767-da20-4199-9997-438a62f6aee4-google-captcha","recaptcha-by-bestwebsoft-reflected-cross-site-scripting","reCaptcha by BestWebSoft \u003C 1.28 - Reflected Cross-Site Scripting","The reCaptcha by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘category’ parameter in versions before 1.28 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C1.28","1.28",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2017-04-12 00:00:00","2024-01-22 19:56:02",[62],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F169f2767-da20-4199-9997-438a62f6aee4?source=api-prod",2477,{"id":65,"url_slug":66,"title":67,"description":68,"plugin_slug":4,"theme_slug":38,"affected_versions":69,"patched_in_version":70,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":71,"updated_date":60,"references":72,"days_to_patch":74},"CVE-2015-0890","recaptcha-by-bestwebsoft-captcha-bypass","reCaptcha by BestWebSoft \u003C= 1.12 - CAPTCHA Bypass","The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors.","\u003C1.13","1.13","2015-03-03 00:00:00",[73],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F35df1ab9-58c1-4270-96ef-bbb2c7ac7af6?source=api-prod",3248,{"slug":7,"display_name":7,"profile_url":8,"plugin_count":76,"total_installs":77,"avg_security_score":78,"avg_patch_time_days":79,"trust_score":80,"computed_at":81},17,207410,95,1729,76,"2026-04-03T19:58:03.749Z",[83,107,126,145,165],{"slug":84,"name":85,"version":86,"author":87,"author_profile":88,"description":89,"short_description":90,"active_installs":11,"downloaded":91,"rating":92,"num_ratings":93,"last_updated":94,"tested_up_to":95,"requires_at_least":96,"requires_php":97,"tags":98,"homepage":102,"download_link":103,"security_score":104,"vuln_count":105,"unpatched_count":29,"last_vuln_date":106,"fetched_at":31},"advanced-nocaptcha-recaptcha","CAPTCHA 4WP – Antispam CAPTCHA solution for WordPress","7.6.0","WPKube","https:\u002F\u002Fprofiles.wordpress.org\u002Fwpkube\u002F","\u003Ch4>IMPORTANT NOTICE\u003C\u002Fh4>\n\u003Cp>CAPTCHA 4WP has been acquired by WPKube. \u003Ca href=\"https:\u002F\u002Fmelapress.com\u002Fcaptcha-4-wp-plugin-acquired-by-wpkube\u002F\" rel=\"nofollow ugc\">Read the announcement\u003C\u002Fa> for more information.\u003Cbr \u002F>\nWe, at Melapress, would like to take this opportunity to thank everyone who has used and supported CAPTCHA 4WP.\u003C\u002Fp>\n\u003Ch3>A free and easy-to-use CAPTCHA plugin for WordPress\u003C\u002Fh3>\n\u003Cp>Protect your WordPress forms and login pages from spam and automated attacks with \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002F\" rel=\"nofollow ugc\">CAPTCHA 4WP\u003C\u002Fa>. Choose from multiple ReCAPTCHA versions and strike the right balance between security and user experience.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Features\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fpricing\u002F\" rel=\"nofollow ugc\">Get the Premium!\u003C\u002Fa> | \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fgetting-started-with-captcha-4wp\u002F\" rel=\"nofollow ugc\">Getting Started\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Use the CAPTCHA 4WP plugin to add CAPTCHA checks to WordPress forms and logins. Choose from V2 (I’m not a robot), V2 Invisible, and V3 noCAPTCHA to ensure the best user experience at all times without compromosing security. Avoid false positives falling through the crack with V3 failover to ensure humans can still pass the test even if the result comes back below the passmark.\u003C\u002Fp>\n\u003Ch3>CAPTCHA 4WP key plugin features and capabilities\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Add CAPTCHA to WordPress native forms such as login pages, user registration and comments forms etc\u003C\u002Fli>\n\u003Cli>Supports multiple ReCAPTCHA versions\u003C\u002Fli>\n\u003Cli>User-friendly wizards for easy, hassle-free setup\u003C\u002Fli>\n\u003Cli>Set ReCAPTCHA V3 passmark score \u003C\u002Fli>\n\u003Cli>ReCAPTCHA failover configuration (ensure no prospect is incorrectly marked as spam)\u003C\u002Fli>\n\u003Cli>Plugin automatically detects visitors’ language and shows CAPTCHA in that language\u003C\u002Fli>\n\u003Cli>Much more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Upgrade to CAPTCHA 4WP Premium and get even more\u003C\u002Fh3>\n\u003Cp>With the premium edition of CAPTCHA 4WP, you can choose from a wider range of CAPTCHA service providers, 1-click WooCommerce and other 3rd party plugin support, whitelisting, and much more.\u003C\u002Fp>\n\u003Ch3>Premium features list\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Everything in the free version\u003C\u002Fli>\n\u003Cli>Add CAPTCHA from hCaptcha and Cloudflare Turnstile on your websites, both free and GDPR compliant\u003C\u002Fli>\n\u003Cli>Add Geoblocking on forms and WordPress comments form (block \u002F limit form submissions or comment posting by country)\u003C\u002Fli>\n\u003Cli>Customization options for the CAPTCHA checks text, visual and position on the forms\u003C\u002Fli>\n\u003Cli>One-click integration with WooCommerce\u003C\u002Fli>\n\u003Cli>One-click integration with Contact Form 7, Gravity Forms, WPForms, BuddyPress & other plugins\u003C\u002Fli>\n\u003Cli>Much more\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Refer to the \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Ffeatures\u002F\" rel=\"nofollow ugc\">CAPTCHA 4WP plugin features and benefits page\u003C\u002Fa> to learn more about the benefits of upgrading to the Premium version of CAPTCHA 4WP.\u003C\u002Fp>\n\u003Ch3>Free and premium support\u003C\u002Fh3>\n\u003Cp>Support for CAPTCHA 4WP is free through the WordPress support forums.\u003C\u002Fp>\n\u003Cp>Premium support for paid customer support is provided via one-to-one email. Upgrade to Premium to benefit from premium support.\u003C\u002Fp>\n\u003Cp>For any other queries, feedback, or if you simply want to get in touch with us, please use our \u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fsubmit-ticket\u002F\" rel=\"nofollow ugc\">contact form\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch3>As featured on:\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.wpbeginner.com\u002Fplugins\u002Fhow-to-add-captcha-in-wordpress-login-and-registration-form\u002F\" rel=\"nofollow ugc\">WP Beginner\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.elegantthemes.com\u002Fblog\u002Fwordpress\u002Fwordpress-captcha\" rel=\"nofollow ugc\">Elegant Themes\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.isitwp.com\u002Fbest-wordpress-captcha-plugins\u002F\" rel=\"nofollow ugc\">IsItWP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwplift.com\u002Fbest-wordpress-captcha-plugins\" rel=\"nofollow ugc\">WPLift\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftesterwp.com\u002Fbest-free-captcha-wordpress-plugins\u002F\" rel=\"nofollow ugc\">TesterWP\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Related links and documentation:\u003C\u002Fh3>\n\u003Cp>You can find more detailed information about CAPTCHA tests and the benefits you can take advantage of, and the plugin in the links below:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fwhy-need-captcha-wordpress-website\u002F\" rel=\"nofollow ugc\">Why you need CAPTCHA on your WordPress website\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdifferent-types-captcha-checks-wordpress\u002F\" rel=\"nofollow ugc\">The different types of CAPTCHA for websites\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fcaptcha-recaptcha-nocaptcha-differences\u002F\" rel=\"nofollow ugc\">What is the difference between CAPTCHA, ReCAPTCHA, and NoCAPTCHA?\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fgetting-started-with-captcha-4wp\u002F\" rel=\"nofollow ugc\">Getting started with CAPTCHA 4WP\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-add-captcha-to-woocommerce-forms\u002F\" rel=\"nofollow ugc\">How to add CAPTCHA on WooCommerce forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-add-captcha-on-wpforms-forms\u002F\" rel=\"nofollow ugc\">How to add CAPTCHA on WPForms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-add-captcha-on-gravity-forms-forms\u002F\" rel=\"nofollow ugc\">How to add CAPTCHA on Gravity Forms\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002Fdocs\u002Fhow-to-show-captcha-on-failed-logins\u002F\" rel=\"nofollow ugc\">How to show CAPTCHA on failed logins\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcaptcha4wp.com\u002F\" rel=\"nofollow ugc\">Official Melapress website\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Installing CAPTCHA 4WP\u003C\u002Fh3>\n\u003Ch3>From within WordPress\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Navigate to “Plugins”page and click the “Add New” button\u003C\u002Fli>\n\u003Cli>Search for “CAPTCHA 4WP”\u003C\u002Fli>\n\u003Cli>Cick install and after that activate the plugin\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch3>Manually\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Download the plugin from the WordPress plugins repository\u003C\u002Fli>\n\u003Cli>Unzip the zip file and upload the folder to the \u002Fwp-content\u002Fplugins\u002F directory\u003C\u002Fli>\n\u003Cli>Activate CAPTCHA 4WP through the “Plugins” menu in WordPress\u003C\u002Fli>\n\u003C\u002Fol>\n","Use CAPTCHA to stop spam and allow customers & users to interact with your website easily. Block fake accounts and orders. Avoid false positives.",3577096,64,268,"2025-06-11T07:53:00.000Z","6.8.5","5.5","7.4",[99,22,100,101,24],"antispam-protection","cloudflare-turnstile","hcaptcha","https:\u002F\u002Fcaptcha4wp.com\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadvanced-nocaptcha-recaptcha.7.6.0.zip",99,1,"2022-06-29 00:00:00",{"slug":108,"name":109,"version":110,"author":111,"author_profile":112,"description":113,"short_description":114,"active_installs":115,"downloaded":116,"rating":117,"num_ratings":76,"last_updated":118,"tested_up_to":95,"requires_at_least":119,"requires_php":120,"tags":121,"homepage":18,"download_link":124,"security_score":125,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"friendly-captcha","Friendly Captcha for WordPress","1.16.0","Friendly Captcha","https:\u002F\u002Fprofiles.wordpress.org\u002Ffriendlycaptcha\u002F","\u003Cp>Friendly Captcha is a privacy-first anti-bot solution that protects WordPress website forms from spam and abuse.\u003C\u002Fp>\n\u003Cp>Do you use a captcha like reCAPTCHA to keep out bots? Friendly Captcha is a powerful anti-spam service that blocks spam-bots without annoying captcha images and protects user privacy.\u003C\u002Fp>\n\u003Ch3>How Friendly Captcha Works\u003C\u002Fh3>\n\u003Cp>Friendly Captcha is a tool for preventing spam on your website. Other CAPTCHAs are a burden on your users, Friendly Captcha respects your users.\u003C\u002Fp>\n\u003Cp>Friendly Captcha is a proof-of-work based anti-bot solution in which the user’s device does all the work. We generate a unique crypto puzzle for each visitor.\u003C\u002Fp>\n\u003Cp>Solving it will usually take only a few seconds. As soon as the user starts filling the form it starts getting solved. By the time the user is ready to submit, the puzzle is probably already solved.\u003C\u002Fp>\n\u003Cp>Friendly Captcha prevents spam and doesn’t punish real users in doing so.\u003C\u002Fp>\n\u003Ch3>Privacy Notices\u003C\u002Fh3>\n\u003Ch4>No personal information\u003C\u002Fh4>\n\u003Cp>Our anti-bot service does not store personal data from your end users. See our Privacy Policy for End Users to learn more.\u003C\u002Fp>\n\u003Ch4>No cookies\u003C\u002Fh4>\n\u003Cp>Our end user solution does not use cookies. This protects your end users from being tracked and followed from site to site.\u003C\u002Fp>\n\u003Ch4>No discrimination\u003C\u002Fh4>\n\u003Cp>Normal CAPTCHA tasks are not easy for all humans. Our solution works without labeling tasks and is thus accessible to everyone.\u003C\u002Fp>\n\u003Ch4>Decentralized data processing\u003C\u002Fh4>\n\u003Cp>By default, requests are processed in the point-of-presence closest to where it is accessed by the end user. See our Privacy Policy for End Users to learn more.\u003C\u002Fp>\n\u003Cp>Join thousands of organizations in switching to a privacy-first anti-bot solution.\u003C\u002Fp>\n\u003Ch3>Forms and Plugins Supported\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>WordPress Login Form\u003C\u002Fli>\n\u003Cli>WordPress Register Form\u003C\u002Fli>\n\u003Cli>WordPress Reset Password Form\u003C\u002Fli>\n\u003Cli>WordPress Comments\u003C\u002Fli>\n\u003Cli>CoBlocks\u003C\u002Fli>\n\u003Cli>Contact Form 7\u003C\u002Fli>\n\u003Cli>Divi Contact Forms\u003C\u002Fli>\n\u003Cli>Elementor Pro Forms\u003C\u002Fli>\n\u003Cli>FluentForm\u003C\u002Fli>\n\u003Cli>Gravity Forms\u003C\u002Fli>\n\u003Cli>Ultimate Member Login Form\u003C\u002Fli>\n\u003Cli>Ultimate Member Register Form\u003C\u002Fli>\n\u003Cli>Ultimate Member Reset Password Form\u003C\u002Fli>\n\u003Cli>WooCommerce Login Form\u003C\u002Fli>\n\u003Cli>WooCommerce Register Form\u003C\u002Fli>\n\u003Cli>WooCommerce Checkout Form\u003C\u002Fli>\n\u003Cli>WooCommerce Lost Password Form\u003C\u002Fli>\n\u003Cli>WPForms\u003C\u002Fli>\n\u003Cli>Profile Builder Login Form\u003C\u002Fli>\n\u003Cli>Profile Builder Register Form\u003C\u002Fli>\n\u003Cli>Profile Builder Reset Password Form\u003C\u002Fli>\n\u003Cli>Forminator\u003C\u002Fli>\n\u003Cli>Formidable\u003C\u002Fli>\n\u003Cli>Avada Form Builder\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>If you see an integration that’s missing, please \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FFriendlyCaptcha\u002Ffriendly-captcha-wordpress\" rel=\"nofollow ugc\">open a pull request\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>However, you may wish to email the authors of plugins you’d like to support Friendly Captcha: it will usually take them only an hour or two to add native support if they choose to do so. This will simplify your use of Friendly Captcha, and is the best solution in the long run.\u003C\u002Fp>\n","Friendly Captcha is a privacy-first anti-bot solution that protects WordPress website forms from spam and abuse.",9000,264425,82,"2026-02-03T11:24:00.000Z","5.0","7.3",[21,22,122,24,123],"contact-form","spam","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffriendly-captcha.1.16.0.zip",100,{"slug":127,"name":128,"version":129,"author":130,"author_profile":131,"description":132,"short_description":133,"active_installs":115,"downloaded":134,"rating":117,"num_ratings":135,"last_updated":136,"tested_up_to":137,"requires_at_least":138,"requires_php":18,"tags":139,"homepage":142,"download_link":143,"security_score":144,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"recaptcha-in-wp-comments-form","reCAPTCHA in WP comments form","9.1.2","jmviade","https:\u002F\u002Fprofiles.wordpress.org\u002Fjmviade\u002F","\u003Cp>reCAPTCHA in WP comments form plugin is an \u003Cstrong>ANTISPAM tool\u003C\u002Fstrong> that adds the visible Google \u003Cstrong>reCAPTCHA field\u003C\u002Fstrong> inside the comments form of your WP theme when the user is not logged in preventing fraudulent or deceptive comments.\u003C\u002Fp>\n\u003Cp>The plugin also \u003Cstrong>introduces a second verification process\u003C\u002Fstrong> that detects the unauthorized direct accesses by spam robots to the WP comments system and allows you to decide what do you want to do with those comments.\u003C\u002Fp>\n\u003Cp>Finally, the plugin has got an optional \u003Cstrong>forced javascript output mode\u003C\u002Fstrong> that lets you to add a reCAPTCHA field \u003Cstrong>also in old WP themes\u003C\u002Fstrong> that didn’t use the new WP form comments functions but they make a direct output of its own comments form.\u003C\u002Fp>\n\u003Ch4>FEATURES LIST\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Basic Features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>All variants\u003C\u002Fstrong> of Google reCAPTCHA field are available\u003C\u002Fli>\n\u003Cli>Two simple steps \u003Cstrong>Installation Wizard\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Automatic \u003Cstrong>default configuration settings\u003C\u002Fstrong> for all plugin components\u003C\u002Fli>\n\u003Cli>Automatic default configuration for reCAPTCHA field\u003C\u002Fli>\n\u003Cli>Configuration settings for Plugin \u003C\u002Fli>\n\u003Cli>Configuration settings for \u003Cstrong>ANTISPAM operation\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Four modes of operation in case of spam robots threats (SPAM, TRASH, DELETE or DIE)\u003C\u002Fli>\n\u003Cli>Visual configuration settings for Google reCAPTCHA: theme, size, type, align, language\u003C\u002Fli>\n\u003Cli>Dynamic comments form sample for viewing configuration settings changes\u003C\u002Fli>\n\u003Cli>Visual Help\u003C\u002Fli>\n\u003Cli>RTL Language support\u003C\u002Fli>\n\u003Cli>Admin Color scheme adapted\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Middle features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Forced language option for reCAPTCHA field\u003C\u002Fli>\n\u003Cli>Plugin \u003Cstrong>blocks the submit button\u003C\u002Fstrong> while reCAPTCHA field is not verified\u003C\u002Fli>\n\u003Cli>Plugin \u003Cstrong>changes HTML structure of the comments form\u003C\u002Fstrong> to prevent malicious automatic sendings while reCAPTCHA field is not verified\u003C\u002Fli>\n\u003Cli>Plugin also blocks \u003Cstrong>other elements with \u003Ccode>[type=submit]\u003C\u002Fcode> inside form\u003C\u002Fstrong> in case of a theme customized comments form\u003C\u002Fli>\n\u003Cli>Plugin lets you to write your own \u003Cstrong>additional CSS for the reCAPTCHA field\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>New \u003Cstrong>restore default value buttons\u003C\u002Fstrong> in plugin configuration section for helping you in case of changing WP theme, accidental errors, test environtments, etc.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>Advanced features\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>reCAPTCHA \u003Cstrong>verification process via AJAX before submitting the form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Second security checking process\u003C\u002Fstrong> for preventing any security breach \u003Cstrong>before saving the comment\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Supporting \u003Cstrong>four different WP comments form HTML structure types\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>Advanced plugin options \u003Cstrong>based on HTML queries\u003C\u002Fstrong> for inserting the reCAPTCHA plugin in all kinds of WP themes\u003C\u002Fli>\n\u003Cli>Optional \u003Cstrong>Forced javascript output\u003C\u002Fstrong> that allows you to use the plugin with old WP themes that didn’t use function \u003Ccode>comment_form()\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Advanced ID’s tags settings for using this plugin with WP Themes that creates its own comments form HTML struct\u003C\u002Fli>\n\u003Cli>reCAPTCHA javascript initialization that prevents reCAPTCHA conflicts in case of that other plugins use reCAPTCHA.\u003C\u002Fli>\n\u003Cli>New mínimum CSS styles for recaptcha alignment\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>PLUGIN PAGE\u003C\u002Fh4>\n\u003Cp>To learn more about the plugin, visit the \u003Ca href=\"http:\u002F\u002Fwww.joanmiquelviade.com\u002Fplugin\u002Fgoogle-recaptcha-in-wp-comments-form\u002F\" title=\"Author's plugin page\" rel=\"nofollow ugc\">Plugin page\u003C\u002Fa>.\u003C\u002Fp>\n","reCAPTCHA in WP comments form is an ANTISPAM tool that adds a Google reCAPTCHA to the comments form and protects your site from the spam robots threat &hellip;",72788,20,"2019-04-22T12:10:00.000Z","5.1.22","4.0.0",[21,99,140,141,24],"comments-antispam","comments-recaptcha","http:\u002F\u002Fwww.joanmiquelviade.com\u002Fplugin\u002Fgoogle-recaptcha-in-wp-comments-form\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Frecaptcha-in-wp-comments-form.9.1.2.zip",85,{"slug":146,"name":147,"version":148,"author":149,"author_profile":150,"description":151,"short_description":152,"active_installs":153,"downloaded":154,"rating":27,"num_ratings":155,"last_updated":156,"tested_up_to":95,"requires_at_least":157,"requires_php":158,"tags":159,"homepage":162,"download_link":163,"security_score":104,"vuln_count":105,"unpatched_count":29,"last_vuln_date":164,"fetched_at":31},"gdpr-compliant-recaptcha-for-all-forms","Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant","4.1.2","Matthias Nordwig","https:\u002F\u002Fprofiles.wordpress.org\u002Fmatthiasnordwig\u002F","\u003Cp>Protect all your forms and logins against spam and brute-force attacks. The plugin is invisible and compliant to GDPR (RGPD, DSGVO).\u003Cbr \u002F>\nIt has a lot of options on the one hand and comes with a well balanced default configuration. Thus it starts working very well, as soon as it is activated.\u003C\u002Fp>\n\u003Ch3>Setup Guide\u003C\u002Fh3>\n\u003Cdiv class=\"embed-vimeo\" style=\"text-align: center;\">\u003Ciframe loading=\"lazy\" src=\"https:\u002F\u002Fplayer.vimeo.com\u002Fvideo\u002F905897718\" width=\"750\" height=\"422\" frameborder=\"0\" webkitallowfullscreen mozallowfullscreen allowfullscreen>\u003C\u002Fiframe>\u003C\u002Fdiv>\n\u003Ch3>Key features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Blocks spam on all(!) public forms, comments and logins\u003C\u002Fli>\n\u003Cli>Invisible. No user-input required\u003C\u002Fli>\n\u003Cli>Still receive 100 percent of the real requests\u003C\u002Fli>\n\u003Cli>Compliant to GDPR (respectively DSGVO, RGPD)\u003C\u002Fli>\n\u003Cli>The Plugin is for free\u003C\u002Fli>\n\u003Cli>No tracking, no cookies, no sessions\u003C\u002Fli>\n\u003Cli>No external ressources\u003C\u002Fli>\n\u003Cli>Easy to use\u003C\u002Fli>\n\u003Cli>SEO-friendly\u003C\u002Fli>\n\u003Cli>Only necessary code\u003C\u002Fli>\n\u003Cli>Optionally messages can be flagged instead of blocking them\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Examples WordPress\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Login Form\u003C\u002Fli>\n\u003Cli>Registration Form\u003C\u002Fli>\n\u003Cli>Password Reset Form\u003C\u002Fli>\n\u003Cli>Comments Form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Examples WooCommerce\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Checkout\u003C\u002Fli>\n\u003Cli>Login Form\u003C\u002Fli>\n\u003Cli>Registration Form\u003C\u002Fli>\n\u003Cli>Password Reset Form\u003C\u002Fli>\n\u003Cli>Comments form\u003C\u002Fli>\n\u003Cli>Product Evaluation Form\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Examples other Plugins\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Elementor Pro Forms, Contact Form 7, Fluent Forms, Jetpack Forms, Divi Forms, WPForms, Forminator, Thrive Architect & Thrive Apprentice, Gravity Forms, Formidable Forms, Mailchimp for WordPress Forms, BuddyPress Registration Form, bbPress Create Topic & Reply Forms, Ultimate Member Forms, wpDiscuz Custom Comments Form, Easy Digital Downloads Forms, Paid Memberships Pro Forms, MemberPress Forms, WP-Members Forms, WP User Frontend Forms, CheckoutWC & Flux Checkout, Ninja Forms, Everest Forms, Formidable Forms, WS Forms, Quform, Otter Blocks, Typeform, NEX-Forms, Bit Form, Form Maker, Funnelforms, Mailjet, Jotform, Page Builder, Metform, Calculated Fields Form, JetFormBuilder, weForms, Responsive Contact Form Builder, Zoho Forms, Smart Forms, Kali Forms, Happyforms, ApplyOnline, Subscribe Forms, FormCraft, Advanced Forms, CRM Perks Forms, Tripetto, Formstack, BuddyForms, vcita, Easy Form Builder, SimpleForm\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Thank you!\u003C\u002Fh3>\n\u003Cp>I hope you enjoy using the CAPTCHA plugin! If you are happy with it, I would be glad to get your review and probably a coffee too.\u003C\u002Fp>\n","Anti-spam - CAPTCHA that protects all forms against spam and brute-force. Invisible and GDPR-compliant.",4000,53290,45,"2025-06-02T10:13:00.000Z","4.8","5.6",[160,21,22,24,161],"anti-spam","spam-protection","https:\u002F\u002Fprogrammiere.de\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fgdpr-compliant-recaptcha-for-all-forms.4.1.2.zip","2025-06-05 00:00:00",{"slug":166,"name":167,"version":168,"author":169,"author_profile":170,"description":171,"short_description":172,"active_installs":173,"downloaded":174,"rating":125,"num_ratings":28,"last_updated":175,"tested_up_to":176,"requires_at_least":119,"requires_php":96,"tags":177,"homepage":181,"download_link":182,"security_score":183,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"power-captcha-recaptcha","Power Captcha reCAPTCHA","1.1.0","Denis Alemán","https:\u002F\u002Fprofiles.wordpress.org\u002Fdenisaleman\u002F","\u003Cp>Protect your WordPress, WooCommerce, and Contact Form 7 forms from spam, brute-force attacks, and fake accounts using Google reCAPTCHA.\u003C\u002Fp>\n\u003Cp>Power Captcha reCAPTCHA supports 3 Google reCAPTCHA types integrated into 6 common WordPress forms, including login and comment forms, 7 WooCommerce forms, and Contact Form 7.\u003C\u002Fp>\n\u003Ch3>3 CAPTCHA Types\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Score-based (v3) CAPTCHA.\u003C\u002Fstrong> Seamless detection.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>“I’m not a robot” CAPTCHA checkbox.\u003C\u002Fstrong> Verification requests with a challenge.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Invisible reCAPTCHA.\u003C\u002Fstrong> Improved, challenge-based CAPTCHA without a checkbox.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>6 WordPress Forms\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Register form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Comment form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lost password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reset password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Register form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>7 WooCommerce Forms\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Register form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Checkout form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Review form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Reset password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lost password form\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Contact Form 7\u003C\u002Fh3>\n\u003Cp>As of version 1.0.7, Power Captcha reCAPTCHA integrates with Contact Form 7. You can easily add the Power Captcha reCAPTCHA field to your Contact Form 7 forms.\u003C\u002Fp>\n\u003Ch3>Activity Report\u003C\u002Fh3>\n\u003Cp>The Activity Report feature for the plugin provides users with a detailed overview of captcha interactions. It tracks and displays the number of solved, failed, and empty captchas, offering a daily breakdown to monitor performance trends. Stay informed with clear insights into your captcha performance.\u003C\u002Fp>\n","Protect WordPress\u002FWooCommerce\u002FContact Form 7 forms from spam, brute-force attacks, fake comments, accounts, or registrations with Google reCAPTCHA.",1000,6098,"2025-03-09T01:27:00.000Z","6.8.0",[20,22,178,179,180],"comment-form","google-recaptcha","login-security","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpower-captcha-recaptcha\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpower-captcha-recaptcha.1.1.0.zip",92,{"attackSurface":185,"codeSignals":449,"taintFlows":563,"riskAssessment":719,"analyzedAt":729},{"hooks":186,"ajaxHandlers":424,"restRoutes":442,"shortcodes":443,"cronEvents":447,"entryPointCount":448,"unprotectedCount":29},[187,194,198,202,207,211,215,219,224,228,233,237,241,245,249,253,256,258,260,264,268,271,275,278,282,286,289,293,297,301,305,309,312,316,320,323,328,332,336,340,344,348,353,356,360,364,367,371,374,378,382,386,390,394,397,401,405,409,412,416,420],{"type":188,"name":189,"callback":190,"priority":191,"file":192,"line":193},"filter","load_textdomain_mofile","bws_get_mofile",10,"bws_menu\\bws_functions.php",43,{"type":188,"name":195,"callback":196,"file":192,"line":197},"mce_external_plugins","bws_add_buttons",1146,{"type":188,"name":199,"callback":200,"file":192,"line":201},"mce_buttons","bws_register_buttons",1147,{"type":203,"name":204,"callback":205,"file":192,"line":206},"action","admin_init","bws_plugins_admin_init",1433,{"type":203,"name":208,"callback":209,"file":192,"line":210},"admin_enqueue_scripts","bws_admin_enqueue_scripts",1434,{"type":203,"name":212,"callback":213,"file":192,"line":214},"admin_head","bws_plugins_admin_head",1435,{"type":203,"name":216,"callback":217,"file":192,"line":218},"admin_footer","bws_plugins_admin_footer",1436,{"type":203,"name":220,"callback":221,"priority":222,"file":192,"line":223},"admin_notices","bws_admin_notices",30,1438,{"type":203,"name":225,"callback":226,"priority":135,"file":192,"line":227},"wp_enqueue_scripts","bws_enqueue_custom_code_css_js",1440,{"type":188,"name":229,"callback":230,"priority":191,"file":231,"line":232},"site_url","gglcptch_check_login_url","google-captcha.php",143,{"type":203,"name":234,"callback":235,"priority":191,"file":231,"line":236},"login_init","gglcptch_login_head",144,{"type":203,"name":238,"callback":239,"file":231,"line":240},"login_form","gglcptch_add_field",145,{"type":188,"name":242,"callback":243,"priority":191,"file":231,"line":244},"lostpassword_url","gglcptch_lostpassword",147,{"type":188,"name":246,"callback":247,"priority":125,"file":231,"line":248},"lostpassword_redirect","gglcptch_lostpassword_redirect",148,{"type":203,"name":250,"callback":251,"file":231,"line":252},"wp_footer","gglcptch_add_scripts",389,{"type":203,"name":254,"callback":251,"file":231,"line":255},"login_footer",395,{"type":203,"name":250,"callback":251,"file":231,"line":257},919,{"type":203,"name":254,"callback":251,"file":231,"line":259},925,{"type":203,"name":261,"callback":262,"file":231,"line":263},"admin_menu","gglcptch_admin_menu",1564,{"type":203,"name":265,"callback":266,"priority":191,"file":231,"line":267},"init","gglcptch_init",1566,{"type":203,"name":204,"callback":269,"file":231,"line":270},"gglcptch_admin_init",1567,{"type":203,"name":272,"callback":273,"file":231,"line":274},"plugins_loaded","gglcptch_plugins_loaded",1569,{"type":203,"name":208,"callback":276,"file":231,"line":277},"gglcptch_add_admin_script_styles",1571,{"type":203,"name":279,"callback":280,"file":231,"line":281},"login_enqueue_scripts","gglcptch_add_login_styles",1572,{"type":188,"name":283,"callback":284,"priority":191,"file":231,"line":285},"script_loader_tag","gglcptch_add_async_attribute",1573,{"type":203,"name":216,"callback":287,"file":231,"line":288},"gglcptch_admin_footer",1574,{"type":188,"name":290,"callback":291,"file":231,"line":292},"pgntn_callback","gglcptch_pagination_callback",1575,{"type":188,"name":294,"callback":295,"priority":191,"file":231,"line":296},"lmtttmpts_plugin_forms","gglcptch_add_lmtttmpts_forms",1577,{"type":188,"name":298,"callback":299,"file":231,"line":300},"widget_text","do_shortcode",1580,{"type":188,"name":302,"callback":303,"priority":191,"file":231,"line":304},"gglcptch_display_recaptcha","gglcptch_display_custom",1582,{"type":188,"name":306,"callback":307,"priority":191,"file":231,"line":308},"gglcptch_verify_recaptcha","gglcptch_check_custom",1583,{"type":188,"name":310,"callback":310,"priority":191,"file":231,"line":311},"gglcptch_limit_attempts_check",1585,{"type":188,"name":313,"callback":314,"priority":191,"file":231,"line":315},"plugin_action_links","gglcptch_action_links",1587,{"type":188,"name":317,"callback":318,"priority":191,"file":231,"line":319},"plugin_row_meta","gglcptch_links",1588,{"type":203,"name":220,"callback":321,"file":231,"line":322},"gglcptch_plugin_banner",1590,{"type":188,"name":324,"callback":325,"file":326,"line":327},"frm_available_fields","gglcptch_frm_add_basic_field","includes\\captcha-for-formidable.php",170,{"type":188,"name":329,"callback":330,"file":326,"line":331},"frm_before_field_created","gglcptch_frm_set_defaults",172,{"type":203,"name":333,"callback":334,"file":326,"line":335},"frm_display_added_fields","gglcptch_frm_show_the_admin_field",173,{"type":203,"name":337,"callback":338,"priority":191,"file":326,"line":339},"frm_form_fields","gglcptch_frm_show_front_field",174,{"type":188,"name":341,"callback":342,"priority":191,"file":326,"line":343},"frm_validate_field_entry","gglcptch_frm_custom_validation",175,{"type":203,"name":238,"callback":345,"file":346,"line":347},"gglcptch_login_display","includes\\forms.php",214,{"type":203,"name":349,"callback":350,"priority":351,"file":346,"line":352},"authenticate","gglcptch_login_check",21,215,{"type":203,"name":354,"callback":345,"priority":104,"file":346,"line":355},"register_form",220,{"type":203,"name":357,"callback":358,"priority":191,"file":346,"line":359},"registration_errors","gglcptch_register_check",221,{"type":203,"name":361,"callback":362,"file":346,"line":363},"signup_extra_fields","gglcptch_signup_display",223,{"type":203,"name":365,"callback":362,"file":346,"line":366},"signup_blogform",224,{"type":188,"name":368,"callback":369,"priority":191,"file":346,"line":370},"wpmu_validate_user_signup","gglcptch_signup_check",225,{"type":203,"name":372,"callback":345,"file":346,"line":373},"lostpassword_form",230,{"type":203,"name":375,"callback":376,"file":346,"line":377},"allow_password_reset","gglcptch_lostpassword_check",231,{"type":188,"name":379,"callback":380,"priority":191,"file":346,"line":381},"the_password_form","gglcptch_password_form_display",237,{"type":188,"name":383,"callback":384,"file":346,"line":385},"post_password_expires","gglcptch_password_form_cookie",238,{"type":188,"name":387,"callback":388,"priority":191,"file":346,"line":389},"post_password_required","gglcptch_password_form_check",239,{"type":203,"name":391,"callback":392,"file":346,"line":393},"comment_form_after_fields","gglcptch_commentform_display",244,{"type":203,"name":395,"callback":392,"file":346,"line":396},"comment_form_logged_in_after",245,{"type":203,"name":398,"callback":399,"file":346,"line":400},"pre_comment_on_post","gglcptch_commentform_check",246,{"type":188,"name":402,"callback":403,"priority":191,"file":346,"line":404},"cntctfrm_display_captcha","gglcptch_display",251,{"type":188,"name":406,"callback":407,"file":346,"line":408},"cntctfrm_check_form","gglcptch_contact_form_check",252,{"type":188,"name":410,"callback":403,"priority":191,"file":346,"line":411},"tstmnls_display_recaptcha",257,{"type":188,"name":413,"callback":414,"priority":191,"file":346,"line":415},"lgnrgstrfrm_add_field","gglcptch_add_login_register_forms",262,{"type":188,"name":417,"callback":418,"priority":191,"file":346,"line":419},"lgnrgstrfrm_check_field","gglcptch_check_login_register_forms",263,{"type":203,"name":421,"callback":422,"priority":191,"file":346,"line":423},"validate_password_reset","gglcptch_validate_password_reset_form",267,[425,431,435,439],{"action":426,"nopriv":427,"callback":426,"hasNonce":428,"hasCapCheck":427,"file":429,"line":430},"bws_submit_request_feature_action",false,true,"bws_menu\\class-bws-settings.php",1475,{"action":432,"nopriv":427,"callback":432,"hasNonce":428,"hasCapCheck":427,"file":433,"line":434},"bws_submit_uninstall_reason_action","bws_menu\\deactivation-form.php",433,{"action":436,"nopriv":427,"callback":437,"hasNonce":428,"hasCapCheck":427,"file":231,"line":438},"gglcptch-test-keys","gglcptch_test_keys",1592,{"action":440,"nopriv":427,"callback":440,"hasNonce":428,"hasCapCheck":427,"file":231,"line":441},"gglcptch_test_keys_verification",1593,[],[444],{"tag":445,"callback":403,"file":231,"line":446},"bws_google_captcha",1579,[],5,{"dangerousFunctions":450,"sqlUsage":451,"outputEscaping":484,"fileOperations":558,"externalRequests":559,"nonceChecks":560,"capabilityChecks":561,"bundledLibraries":562},[],{"prepared":191,"raw":452,"locations":453},13,[454,457,460,462,464,466,468,470,472,476,479,480,482],{"file":192,"line":455,"context":456},1410,"$wpdb->get_col() with variable interpolation",{"file":231,"line":458,"context":459},514,"$wpdb->query() with variable interpolation",{"file":231,"line":461,"context":459},515,{"file":231,"line":463,"context":459},557,{"file":231,"line":465,"context":459},690,{"file":231,"line":467,"context":456},1542,{"file":231,"line":469,"context":459},1545,{"file":231,"line":471,"context":459},1551,{"file":473,"line":474,"context":475},"includes\\allowlist.php",294,"$wpdb->get_results() with variable interpolation",{"file":473,"line":477,"context":478},324,"$wpdb->get_var() with variable interpolation",{"file":473,"line":14,"context":459},{"file":473,"line":481,"context":478},394,{"file":473,"line":483,"context":478},411,{"escaped":485,"rawEcho":486,"locations":487},621,34,[488,490,492,494,496,499,501,503,505,507,509,511,513,515,517,519,521,524,526,528,530,532,534,537,539,541,542,544,546,548,550,552,554,556],{"file":192,"line":327,"context":489},"raw output",{"file":192,"line":491,"context":489},189,{"file":192,"line":493,"context":489},191,{"file":192,"line":495,"context":489},216,{"file":497,"line":498,"context":489},"bws_menu\\bws_menu.php",589,{"file":497,"line":500,"context":489},674,{"file":497,"line":502,"context":489},678,{"file":497,"line":504,"context":489},681,{"file":497,"line":506,"context":489},765,{"file":429,"line":508,"context":489},561,{"file":429,"line":510,"context":489},587,{"file":429,"line":512,"context":489},929,{"file":429,"line":514,"context":489},1212,{"file":429,"line":516,"context":489},1214,{"file":429,"line":518,"context":489},1216,{"file":429,"line":520,"context":489},1219,{"file":522,"line":523,"context":489},"bws_menu\\deprecated.php",131,{"file":231,"line":525,"context":489},738,{"file":231,"line":527,"context":489},1403,{"file":326,"line":529,"context":489},68,{"file":326,"line":531,"context":489},116,{"file":326,"line":533,"context":489},118,{"file":535,"line":536,"context":489},"includes\\class-gglcptch-settings-tabs.php",91,{"file":535,"line":538,"context":489},370,{"file":535,"line":540,"context":489},385,{"file":535,"line":540,"context":489},{"file":535,"line":543,"context":489},392,{"file":535,"line":545,"context":489},583,{"file":535,"line":547,"context":489},591,{"file":535,"line":549,"context":489},601,{"file":346,"line":551,"context":489},284,{"file":346,"line":553,"context":489},320,{"file":346,"line":555,"context":489},482,{"file":346,"line":557,"context":489},517,2,7,27,4,[],[564,581,610,624,634,642,652,660,668,679,690,705],{"entryPoint":565,"graph":566,"unsanitizedCount":105,"severity":41},"gglcptch_get_response (google-captcha.php:1002)",{"nodes":567,"edges":579},[568,573],{"id":569,"type":570,"label":571,"file":231,"line":572},"n0","source","$_POST",1006,{"id":574,"type":575,"label":576,"file":231,"line":577,"wp_function":578},"n1","sink","wp_remote_post() [SSRF]",1011,"wp_remote_post",[580],{"from":569,"to":574,"sanitized":427},{"entryPoint":582,"graph":583,"unsanitizedCount":29,"severity":609},"bws_add_menu_render (bws_menu\\bws_menu.php:18)",{"nodes":584,"edges":605},[585,587,591,595,598,602],{"id":569,"type":570,"label":586,"file":497,"line":560},"$_GET (x14)",{"id":574,"type":575,"label":588,"file":497,"line":589,"wp_function":590},"echo() [XSS]",374,"echo",{"id":592,"type":570,"label":593,"file":497,"line":594},"n2","$_POST (x2)",101,{"id":596,"type":575,"label":588,"file":497,"line":597,"wp_function":590},"n3",424,{"id":599,"type":570,"label":600,"file":497,"line":601},"n4","$_REQUEST (x2)",288,{"id":603,"type":575,"label":588,"file":497,"line":604,"wp_function":590},"n5",468,[606,607,608],{"from":569,"to":574,"sanitized":428},{"from":592,"to":596,"sanitized":428},{"from":599,"to":603,"sanitized":428},"low",{"entryPoint":611,"graph":612,"unsanitizedCount":29,"severity":609},"\u003Cbws_menu> (bws_menu\\bws_menu.php:0)",{"nodes":613,"edges":620},[614,615,616,617,618,619],{"id":569,"type":570,"label":586,"file":497,"line":560},{"id":574,"type":575,"label":588,"file":497,"line":589,"wp_function":590},{"id":592,"type":570,"label":593,"file":497,"line":594},{"id":596,"type":575,"label":588,"file":497,"line":597,"wp_function":590},{"id":599,"type":570,"label":600,"file":497,"line":601},{"id":603,"type":575,"label":588,"file":497,"line":604,"wp_function":590},[621,622,623],{"from":569,"to":574,"sanitized":428},{"from":592,"to":596,"sanitized":428},{"from":599,"to":603,"sanitized":428},{"entryPoint":625,"graph":626,"unsanitizedCount":29,"severity":609},"display_tabs (bws_menu\\class-bws-settings.php:291)",{"nodes":627,"edges":632},[628,631],{"id":569,"type":570,"label":629,"file":429,"line":630},"$_REQUEST['bws_active_tab']",301,{"id":574,"type":575,"label":588,"file":429,"line":630,"wp_function":590},[633],{"from":569,"to":574,"sanitized":428},{"entryPoint":635,"graph":636,"unsanitizedCount":29,"severity":609},"\u003Cclass-bws-settings> (bws_menu\\class-bws-settings.php:0)",{"nodes":637,"edges":640},[638,639],{"id":569,"type":570,"label":629,"file":429,"line":630},{"id":574,"type":575,"label":588,"file":429,"line":630,"wp_function":590},[641],{"from":569,"to":574,"sanitized":428},{"entryPoint":643,"graph":644,"unsanitizedCount":29,"severity":609},"bws_go_pro_tab_show (bws_menu\\deprecated.php:227)",{"nodes":645,"edges":650},[646,648],{"id":569,"type":570,"label":593,"file":522,"line":647},229,{"id":574,"type":575,"label":588,"file":522,"line":649,"wp_function":590},269,[651],{"from":569,"to":574,"sanitized":428},{"entryPoint":653,"graph":654,"unsanitizedCount":29,"severity":609},"\u003Cdeprecated> (bws_menu\\deprecated.php:0)",{"nodes":655,"edges":658},[656,657],{"id":569,"type":570,"label":593,"file":522,"line":647},{"id":574,"type":575,"label":588,"file":522,"line":649,"wp_function":590},[659],{"from":569,"to":574,"sanitized":428},{"entryPoint":661,"graph":662,"unsanitizedCount":29,"severity":609},"\u003Cgoogle-captcha> (google-captcha.php:0)",{"nodes":663,"edges":666},[664,665],{"id":569,"type":570,"label":571,"file":231,"line":572},{"id":574,"type":575,"label":576,"file":231,"line":577,"wp_function":578},[667],{"from":569,"to":574,"sanitized":428},{"entryPoint":669,"graph":670,"unsanitizedCount":29,"severity":609},"display_content (includes\\allowlist.php:49)",{"nodes":671,"edges":677},[672,675],{"id":569,"type":570,"label":673,"file":473,"line":674},"$_SERVER",67,{"id":574,"type":575,"label":588,"file":473,"line":676,"wp_function":590},94,[678],{"from":569,"to":574,"sanitized":428},{"entryPoint":680,"graph":681,"unsanitizedCount":29,"severity":609},"no_items (includes\\allowlist.php:181)",{"nodes":682,"edges":688},[683,686],{"id":569,"type":570,"label":684,"file":473,"line":685},"$_REQUEST",182,{"id":574,"type":575,"label":588,"file":473,"line":687,"wp_function":590},184,[689],{"from":569,"to":574,"sanitized":428},{"entryPoint":691,"graph":692,"unsanitizedCount":29,"severity":609},"display_notices (includes\\allowlist.php:332)",{"nodes":693,"edges":702},[694,695,698,700],{"id":569,"type":570,"label":684,"file":473,"line":252},{"id":574,"type":575,"label":696,"file":473,"line":14,"wp_function":697},"query() [SQLi]","query",{"id":592,"type":570,"label":684,"file":473,"line":699},422,{"id":596,"type":575,"label":588,"file":473,"line":701,"wp_function":590},427,[703,704],{"from":569,"to":574,"sanitized":428},{"from":592,"to":596,"sanitized":428},{"entryPoint":706,"graph":707,"unsanitizedCount":29,"severity":609},"\u003Callowlist> (includes\\allowlist.php:0)",{"nodes":708,"edges":715},[709,710,711,712,713,714],{"id":569,"type":570,"label":673,"file":473,"line":674},{"id":574,"type":575,"label":588,"file":473,"line":676,"wp_function":590},{"id":592,"type":570,"label":600,"file":473,"line":685},{"id":596,"type":575,"label":588,"file":473,"line":687,"wp_function":590},{"id":599,"type":570,"label":684,"file":473,"line":252},{"id":603,"type":575,"label":696,"file":473,"line":14,"wp_function":697},[716,717,718],{"from":569,"to":574,"sanitized":428},{"from":592,"to":596,"sanitized":428},{"from":599,"to":603,"sanitized":428},{"summary":720,"deductions":721},"The \"google-captcha\" plugin, version 1.86, presents a mixed security posture. On the positive side, the static analysis shows a strong adherence to secure coding practices with a high percentage of properly escaped outputs, robust nonce and capability checks, and no detected dangerous functions. The attack surface, while present with AJAX handlers and shortcodes, appears to be well-protected, with no directly accessible unprotected entry points identified.\n\nHowever, there are areas for concern. The presence of 23 SQL queries with 57% not using prepared statements is a notable risk, potentially leading to SQL injection vulnerabilities if not handled meticulously. While the taint analysis shows no critical or high severity flows, one flow with an unsanitized path indicates a potential weakness that could be exploited if an attacker can control the input. The plugin's history of 3 medium severity vulnerabilities, specifically around Cross-site Scripting and Guessable CAPTCHA, suggests recurring issues in input sanitization and CAPTCHA implementation, despite the current static analysis not flagging explicit XSS or unpatched issues.\n\nIn conclusion, the plugin demonstrates good practices in areas like output escaping and authentication checks. Nevertheless, the SQL query practices and the past vulnerability history, particularly concerning input handling and CAPTCHA logic, warrant careful consideration. While the current version shows no unpatched CVEs and a seemingly clean taint analysis, the potential for SQL injection and the historical trends suggest that ongoing vigilance and potentially further code review regarding SQL query handling are advisable.",[722,725,727],{"reason":723,"points":724},"SQL queries not using prepared statements",15,{"reason":726,"points":724},"Past medium severity vulnerabilities (3 total)",{"reason":728,"points":191},"Flows with unsanitized paths","2026-03-16T17:05:41.078Z",{"wat":731,"direct":747},{"assetPaths":732,"generatorPatterns":738,"scriptPaths":739,"versionParams":741},[733,734,735,736,737],"\u002Fwp-content\u002Fplugins\u002Fgoogle-captcha\u002Fcss\u002Fstyle.css","\u002Fwp-content\u002Fplugins\u002Fgoogle-captcha\u002Fjs\u002Fscript.js","\u002Fwp-content\u002Fplugins\u002Fgoogle-captcha\u002Fjs\u002Frecaptcha-v3.js","\u002Fwp-content\u002Fplugins\u002Fgoogle-captcha\u002Fjs\u002Fadmin-script.js","\u002Fwp-content\u002Fplugins\u002Fgoogle-captcha\u002Fcss\u002Fadmin-style.css",[],[740],"https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi.js?onload=gglcptch_onloadCallback&render=explicit",[742,743,744,745,746],"google-captcha\u002Fcss\u002Fstyle.css?ver=","google-captcha\u002Fjs\u002Fscript.js?ver=","google-captcha\u002Fjs\u002Frecaptcha-v3.js?ver=","google-captcha\u002Fjs\u002Fadmin-script.js?ver=","google-captcha\u002Fcss\u002Fadmin-style.css?ver=",{"cssClasses":748,"htmlComments":750,"htmlAttributes":753,"restEndpoints":757,"jsGlobals":758,"shortcodeOutput":761},[749],"gglcptch_captcha",[751,752],"\u003C!-- Start reCaptcha by BestWebSoft -->","\u003C!-- End reCaptcha by BestWebSoft -->",[754,755,756],"data-sitekey","data-callback","data-badge",[],[759,760],"gglcptch_onloadCallback","gglcptch_form_data",[]]